Just one record fails

[phn at icke-reklam.ipsec.nu]

a.r.kuiters at kpn.com wrote:
> Barry,

> I'd made a tcpdump on the link towards the 'problem' DNS.

> I see the following answer:

>     Queries
>         orange.fr.mnc001.mcc208.gprs: type ANY, class inet
>             Name: orange.fr.mnc001.mcc208.gprs
>             Type: Request for all records
>             Class: inet
>     Answers
>         orange.fr.mnc001.mcc208.gprs: type A, class inet, addr 212.234.96.89
>             Name: orange.fr.mnc001.mcc208.gprs
>             Type: Host address
>             Class: inet
>             Time to live: 5 minutes
>             Data length: 4
>             Addr: 212.234.96.89
>     Authoritative nameservers
>         mnc001.mcc208.gprs: type NS, class inet, ns
> DNS1beaujon.mnc001.mcc208.gprs
>             Name: mnc001.mcc208.gprs
>             Type: Authoritative name server
>             Class: inet
>             Time to live: 1 hour
>             Data length: 14
>             Name server: DNS1beaujon.mnc001.mcc208.gprs
>         mnc001.mcc208.gprs: type NS, class inet, ns
> DNS2blancmesnil.mnc001.mcc208.gprs
>             Name: mnc001.mcc208.gprs
>             Type: Authoritative name server
>             Class: inet
>             Time to live: 1 hour
>             Data length: 18
>             Name server: DNS2blancmesnil.mnc001.mcc208.gprs
>     Additional records
>         DNS1beaujon.mnc001.mcc208.gprs: type A, class inet, addr
> 212.234.96.11
>             Name: DNS1beaujon.mnc001.mcc208.gprs
>             Type: Host address
>             Class: inet
>             Time to live: 5 minutes
>             Data length: 4
>             Addr: 212.234.96.11
>         DNS1beaujon.mnc001.mcc208.gprs: type A, class inet, addr
> 10.66.215.137
>             Name: DNS1beaujon.mnc001.mcc208.gprs
>             Type: Host address
>             Class: inet
>             Time to live: 5 minutes
>             Data length: 4
>             Addr: 10.66.215.137
>         DNS1beaujon.mnc001.mcc208.gprs: type A, class inet, addr
> 192.168.133.12
>             Name: DNS1beaujon.mnc001.mcc208.gprs
>             Type: Host address
>             Class: inet
>             Time to live: 5 minutes
>             Data length: 4
>             Addr: 192.168.133.12
>         DNS2blancmesnil.mnc001.mcc208.gprs: type A, class inet, addr
> 192.168.133.13
>             Name: DNS2blancmesnil.mnc001.mcc208.gprs
>             Type: Host address
>             Class: inet
>             Time to live: 5 minutes
>             Data length: 4
>             Addr: 192.168.133.13
>         DNS2blancmesnil.mnc001.mcc208.gprs: type A, class inet, addr
> 10.66.225.137
>             Name: DNS2blancmesnil.mnc001.mcc208.gprs
>             Type: Host address
>             Class: inet
>             Time to live: 5 minutes
>             Data length: 4
>             Addr: 10.66.225.137
>         DNS2blancmesnil.mnc001.mcc208.gprs: type A, class inet, addr
> 212.234.96.74
>             Name: DNS2blancmesnil.mnc001.mcc208.gprs
>             Type: Host address
>             Class: inet
>             Time to live: 5 minutes
>             Data length: 4
>             Addr: 212.234.96.74

> We act as a deligation for the zone mnc001.mcc208.gprs and we query both the
> 212.234.96.11 and 212.234.96.74.
> Do you think the TTL for those nameservers is the problem?

> Regards,
> Rob

If i may come in here, yes, TTL differs. NS records hold 1h ( which is
too short) but A records has 5min. At least these should have the same 
TTL , but in particular they should be longer.

You might also have problems with delegation records that 
might be in conflict, these arn't seens in your dump, and all
of the addresses are obviously "hidden" from Internet visibility,
so there is not much that can be diagnozed from here.

Maybe a copy of men&mice DNSexpert would be worth it's money ?

-- 
Peter Håkanson         
        IPSec  Sverige      ( At Gothenburg Riverside )
           Sorry about my e-mail address, but i'm trying to keep spam out,
	   remove "icke-reklam" if you feel for mailing me. Thanx.